Information Security Expert

Function :

• You develop and oversee the documentation related to the Information Security Management System.
• You align and update security documents to ensure consistency throughout the organization and ensure adherence to security policies, standards, and regulatory requirements.
• You participate in the risk management process and framework to ensure a consistent approach by performing security risk assessments to identify vulnerabilities in projects and initiatives, recommending, following up, and monitoring mitigation measures.
• You ensure the timely review of penetration test and audit remediation steps while coordinating with internal and external stakeholders.
• You maintain and implement a data classification framework to ensure all data is accurately categorized and documented, supporting future project analysis and business requirements, and ensure data ownership is identified in partnership with relevant parties.
• You provide regular reports on security operations, risk status, and compliance to the CISO, senior management, and relevant authorities (NIS, ENTSO-E, ENISA CNPD, etc.).
• You handle daily security requests related to incident response (reports, analysis, follow-up) and security testing (penetration tests, configuration reviews, etc.).
• You create and maintain the Security Testing Program for the Group or dedicated entity and ensure its effective execution.
• You contribute to information security training and awareness initiatives for the entire group staff.
• You assist in defining roles and access permissions to ensure secure information system access, monitor identity and access management systems, and ensure the effective implementation of the Identity & Access Management Policy.

Profile :

Extra Information :